<?php 
/* P3(c)

******************************************************************************
                                                                                      
                         __                                                        
                        /__)                                                       
                       /__        P3 - moving Technologie            
                        __)                                                          
                        __)                                                          
                                                                                        
                                                                                        
       Copyright 2009 by p3.co.at                                                                                 
                                                                                        
       visit www.p3.co.at to get more Informations 
       about Teriko - Betriebsdatenerfassung                                                                                 
       - it's not allowed to change this scripts
       - it's not allowed to remove this copyright-tag

       -- you can download the complete license   
          under http://www.teriko.org

 (c) by Patrik Pfaffenbauer and P3 (http://www.p3.co.at)

 | Programname: P3.Teriko
 | Authtor: P3.Verein
 | Coder: Patrik Pfaffenbauer
 | Version: 0.1

 | Change Index
 |_____________________________________________
 |                                             |
 |4.3.2010 Erstellung | Patrik Pfaffenbauer    |
 |_____________________________________________|

******************************************************************************

P3(c) */ 

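/**
 * Login page controller: paints the login form, authenticates a user against
 * the user table, and handles logout.
 *
 * Security notes for maintainers:
 *  - The database object in $GLOBALS['db'] is only visible here through
 *    Query/Fetch/NumRow/GetValue, so statements are still assembled as strings.
 *    Request data is therefore constrained before it reaches a statement
 *    (integer cast for ids, metacharacter rejection for the username).
 *    NOTE(review): move these queries to bound parameters if the wrapper
 *    supports them.
 *  - Stored passwords are unsalted SHA-256 digests. The comparison is made
 *    constant-time here, but the storage format itself should be migrated to
 *    password_hash()/password_verify(), rehashing on the next successful login.
 *  - No attempt limiting or lockout is visible in this class.
 *  - The hardening below relies on session_status() and hash_equals(), i.e. PHP >= 5.6.
 */
class Login extends Base
{
	/**
	 * Old-style constructor: sets the page title and marks the page as
	 * reachable without a toolbar.
	 *
	 * NOTE(review): PHP 8 no longer treats a method named after its class as
	 * the constructor, so these defaults are only applied automatically on
	 * PHP 5/7 — confirm how the framework instantiates pages before upgrading.
	 */
	public function Login()
	{
		$this->title = $GLOBALS['lang']->GetLanguage("Login", "title");
		$this->toolbar = false;
		$this->allowed = true;
	}

	/**
	 * Dispatches the request: POST action=login authenticates, GET
	 * action=logout ends the session, anything else shows the form (or
	 * redirects an already logged-in user to index.php).
	 */
	public function AnalysPost()
	{
		include("./_tables.php");
		$this->EnsureSessionStarted();

		// isset() guards avoid undefined-index warnings on a plain page load.
		$postAction = isset($_POST['action']) ? $_POST['action'] : null;
		$getAction = isset($_GET['action']) ? $_GET['action'] : null;

		if($postAction === "login")
		{
			$this->CheckLogin();
		}
		else if($getAction === "logout")
		{
			// NOTE(review): logout is a state-changing GET request, so any
			// third-party page can trigger it (CSRF). Prefer a POST with a token.

			// Only touch the time tables when a user is actually logged in;
			// otherwise the statements would be built from an empty id.
			if(isset($_SESSION['userid']))
			{
				// The id is used unquoted in the job-times UPDATE below, so it
				// is numeric; the cast keeps anything else out of the SQL text.
				$userId = (int) $_SESSION['userid'];
				$now = date("Y-m-d H:i:s");

				$res = $GLOBALS['db']->Query("SELECT * FROM ".$tblonlinetimes." WHERE userid='".$userId."' AND logoffTime is null");
				$line = $GLOBALS['db']->Fetch($res);

				// Fetch() yields a falsy value when there is no open online-time row.
				if($line)
				{
					$GLOBALS['db']->Query("UPDATE ".$tblonlinetimes." SET logoffTime='".$now."', logoffTimeEdit='".$now."' WHERE id='".$line->id."'");
				}

				// NOTE(review): this has no "endTime IS NULL" filter, so it rewrites
				// the end time of every job-time row of the user — confirm intent.
				$GLOBALS['db']->Query("UPDATE ".$tbljobtimes." SET endTime=Now(), endTimeEdit=Now() WHERE userid=".$userId);
			}

			// Clear the data and drop the server-side session so the old
			// session id cannot be reused after logout.
			session_unset();
			session_destroy();

			$this->EmitJsRedirect("index.php");
		}
		else
		{
			if(!empty($_SESSION['loggedIn']))
			{
				$this->EmitJsRedirect("index.php");
			}
			else
			{
				$this->Paint();
			}
		}
	}

	/**
	 * Authenticates the posted username/password. On success the session is
	 * populated, an online-time row is written and the browser is sent to
	 * index.php; on failure it is sent to index.php?m=wrong-login.
	 */
	public function CheckLogin()
	{
		$this->EnsureSessionStarted();
		include("./_tables.php");

		// A login attempt from an authenticated session starts from a clean slate.
		if(!empty($_SESSION['loggedIn']))
		{
			session_unset();
		}

		// Accept only scalar strings; array-valued parameters are treated as absent.
		$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
		$password = (isset($_POST['passwd']) && is_string($_POST['passwd'])) ? $_POST['passwd'] : '';
		// NOTE(review): attacker-controlled and stored unvalidated; consumers must
		// not place it into SQL or HTML as-is. Consider checking it against the
		// ids of the language table.
		$lang = isset($_POST['lang']) ? $_POST['lang'] : null;

		$line = null;

		// The username is placed inside a single-quoted SQL literal. Values holding
		// a quote, backslash or control character are refused before the statement
		// is built, so the literal cannot be terminated early. This is a stop-gap
		// until the query can use bound parameters.
		if($username !== '' && !preg_match('/[\'\\\\\x00-\x1f\x7f]/', $username))
		{
			$query = "SELECT * FROM ".$tbluser." WHERE username='".$username."' AND activated='1'";
			$res = $GLOBALS['db']->Query($query);

			if($GLOBALS['db']->NumRow($res))
			{
				$line = $GLOBALS['db']->Fetch($res);
			}
		}

		if(!$line)
		{
			session_unset();
			$this->EmitJsRedirect("index.php?m=wrong-login");
			return;
		}

		// hash_equals() compares in constant time and as strings; the loose ==
		// it replaces treats two numeric-looking digests ("0e...") as equal.
		$hash = hash("sha256", $password);
		if(!hash_equals((string) $line->password, $hash))
		{
			$this->EmitJsRedirect("index.php?m=wrong-login");
			return;
		}

		// Issue a fresh session id at the privilege change so a pre-set id
		// (session fixation) does not become an authenticated one. Skipped when
		// output has already started, because the new cookie could not be sent.
		if(!headers_sent())
		{
			session_regenerate_id(true);
		}

		$now = date("Y-m-d H:i:s");

		$_SESSION['userid'] = $line->id;
		$_SESSION['loggedIn'] = true;
		$_SESSION['firstName'] = $line->firstName;
		$_SESSION['lastName'] = $line->lastName;
		$_SESSION['lang'] = $lang;
		$_SESSION['logonTime'] = date("H:i:s");
		// NOTE(review): "m.d.Y" is month.day.year — confirm this is intended.
		$_SESSION['logonDate'] = date("m.d.Y");

		$GLOBALS['db']->Query("INSERT INTO ".$tblonlinetimes." (userid, logonTime, logonTimeEdit) VALUES ('".(int) $line->id."', '".$now."', '".$now."')");

		$this->EmitJsRedirect("index.php");
	}

	/**
	 * Prints the login form (username, password, language selector) for a
	 * visitor who is not logged in; prints nothing otherwise.
	 */
	public function Paint()
	{
		if(!empty($_SESSION['loggedIn']))
			return;

		include("./_tables.php");

		// Database-sourced values are HTML-escaped before being printed.
		// The GetLanguage() strings come from the application's own catalogue
		// and are printed unchanged — NOTE(review): confirm they cannot be
		// edited by untrusted users.
		$company = $this->EscapeForHtml($GLOBALS['db']->GetValue("company_title"));
		echo '					<div style="text-align:center;"><h1>'.$company.' - BDE</h1></div>
					
							<div id="section-box">
			<div class="t">
				<div class="t">
					<div class="t"></div>
		 		</div>
	 		</div>
			<div class="m">

				<form action="index.php" method="post" name="login" id="form-login" style="clear: both;">
	<p id="form-login-username">
		<label for="modlgn_username">'.$GLOBALS['lang']->GetLanguage("Login", "username").'</label>
		<input name="username" id="modlgn_username" type="text" class="inputbox" size="15" />
	</p>

	<p id="form-login-password">
		<label for="modlgn_passwd">'.$GLOBALS['lang']->GetLanguage("Login", "password").'</label>

		<input name="passwd" id="modlgn_passwd" type="password" class="inputbox" size="15" />
	</p>
		<p id="form-login-lang" style="clear: both;">
		<label for="lang">'.$GLOBALS['lang']->GetLanguage("Login", "lang").'</label>
		<select name="lang" id="lang" class="inputbox">';

		$res = $GLOBALS['db']->Query("SELECT * FROM ".$tbllang);
		while($line = $GLOBALS['db']->Fetch($res))
		{
			echo '<option value="'.$this->EscapeForHtml($line->id).'">'.$this->EscapeForHtml($line->langDesc).'</option>';
		}


	echo'	</select>	</p>
	<div class="button_holder">

	<div class="button1">
		<div class="next">
			<a onclick="login.submit();">
				'.$GLOBALS['lang']->GetLanguage("Login", "logon").'</a>

		</div>
	</div>
	</div>
	<div class="clr"></div>

	<input type="submit" style="border: 0; padding: 0; margin: 0; width: 0px; height: 0px;" value="Anmelden" />
	<input type="hidden" name="option" value="login" />
	<input type="hidden" name="action" value="login" /></form>
		';
	}

	/** Intentionally empty: the login page has no toolbar. */
	public function Toolbar()
	{

	}

	/** Intentionally empty: no page-specific stylesheet is added. */
	public function AddCSS()
	{

	}

	/** Intentionally empty: no page-specific script is added. */
	public function AddJS()
	{

	}

	/**
	 * Starts the session only if none is active; AnalysPost() and
	 * CheckLogin() both need one and the former calls the latter.
	 */
	private function EnsureSessionStarted()
	{
		if(session_status() !== PHP_SESSION_ACTIVE)
		{
			session_start();
		}
	}

	/**
	 * Prints a script element that navigates the browser to $target.
	 * The target is encoded as a JavaScript string literal, with the HEX
	 * flags keeping markup characters out of the script body.
	 */
	private function EmitJsRedirect($target)
	{
		$jsTarget = json_encode((string) $target, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		if($jsTarget === false)
		{
			// Encoding only fails on malformed input; fall back to the start page.
			$jsTarget = '"index.php"';
		}

		echo '<script type="text/javascript">'."\n"
			.'<!--'."\n"
			.'window.location = '.$jsTarget.';'."\n"
			.'//-->'."\n"
			.'</script>';
	}

	/**
	 * Escapes a value for HTML text and quoted-attribute context.
	 * Existing entities are not double-encoded, so values that were stored
	 * pre-encoded keep rendering the same way.
	 * NOTE(review): uses PHP's default_charset — confirm it matches the page encoding.
	 */
	private function EscapeForHtml($value)
	{
		$charset = ini_get('default_charset');
		if(!$charset)
		{
			$charset = 'UTF-8';
		}

		return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, $charset, false);
	}
}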
?>